﻿Imports EShop.VBClass

Partial Class webprogram_login
    Inherits System.Web.UI.Page

    ' Dim vbFuns As VBFunctions


    Sub GetCodes()
        'If vbFuns Is Nothing Then vbFuns = New VBFunctions
        Dim imgCode As String = GetCodeValue()
        Me.Txt_sCode.Text = imgCode
        Me.Image_Code.ImageUrl = CreateImage(imgCode, 50, 22)
        Me.Image_Code.AlternateText = imgCode
    End Sub

    Protected Sub Page_Load(sender As Object, e As EventArgs) Handles Me.Load
        checkData(Me)
        If Not Me.IsPostBack Then
            GetCodes()
            If My.Request.IsLocal Then
                Me.Txt_Code.Text = Me.Txt_sCode.Text
                'Me.Txt_User.Text = "wen"
            End If

        End If
    End Sub

    Protected Sub Button_login_Click(sender As Object, e As EventArgs) Handles Button_login.Click
        Dim adm_uid As String = Me.Txt_User.Text.Trim
        Dim adm_pwd As String = Me.Txt_PWD.Text.Trim
        Dim code As String = Me.Txt_Code.Text.Trim
        Dim sCode As String = Me.Txt_sCode.Text.Trim

        If adm_uid = "" Then
            Me.Label_err.Text = "用户名不能为空！"
            Exit Sub
        End If
        If adm_pwd = "" Then
            Me.Label_err.Text = "密码不能为空！"
            Exit Sub
        Else
            adm_pwd = GetCodeString(adm_pwd, "zyusoft")
        End If
        If code = "" Then
            Me.Label_err.Text = "验证码不能为空！"
            Exit Sub
        End If
        If code <> sCode Then
            Me.Label_err.Text = "验证码不正确！"
            Exit Sub
        End If
        adm_uid = adm_uid.Replace("'", "")
        adm_pwd = adm_pwd.Replace("'", "")
        Me.Label_err.Text = ""
        Dim sParameter() As Data.SqlClient.SqlParameter = { _
                        New Data.SqlClient.SqlParameter("@adm_Uid", adm_uid) _
                    }
        Dim chkExit As Boolean = checkExist("admins", "adm_Uid", "@adm_Uid", "", sParameter)
        If chkExit Then
            Dim spLen As Integer = sParameter.Length
            ReDim Preserve sParameter(spLen)
            sParameter(spLen) = New Data.SqlClient.SqlParameter("@adm_PWD", adm_PWD)
            Dim dtUser As Data.DataTable = GetDataTable("admins", "*", "adm_Uid=@adm_Uid and adm_PWD=@adm_PWD", "", sParameter)

            Dim u_id As Integer, adm_lock As Boolean
            Dim LoginIP As String = Request.ServerVariables("Remote_Addr")
            If dtUser Is Nothing Then
                Me.Label_err.Text = "登陆密码不对！"
                Exit Sub
            Else
                adm_lock = dValue(dtUser.Rows(0)("adm_lock"), False)
                If adm_lock Then
                    Me.Label_err.Text = "用户已被锁定！"
                    Exit Sub
                End If
                u_id = dtUser.Rows(0)("id")

                LoginUid = adm_uid
                Session("admin_ID") = u_id
                Session("admin_UID") = adm_uid
                Session("admin_role") = dtUser.Rows(0)("adm_Role")
                Session("admin_Logintimes") = dtUser.Rows(0)("adm_Logintimes") + 1
                Session("admin_lsLogintime") = dtUser.Rows(0)("adm_lsLogintime").ToString
                ExecuteSQL("update admins set adm_Logintimes=adm_Logintimes+1,adm_lsLogintime='" & Now() & "',adm_lsLoginIP='" & LoginIP & "' where id=" & u_id)
                If Me.AutoGet.Checked Then
                    Dim cook As New HttpCookie("admUID", adm_uid)
                    cook.Expires = DateAdd("d", 30, Today)
                    Response.Cookies.Add(cook)
                Else
                    Response.Cookies.Item("admUID").Expires = DateAdd("d", -30, Today)
                End If

                Response.Redirect("index.aspx", False)
            End If
        Else
            Me.Label_err.Text = "用户名不存在！"
            Exit Sub
        End If

    End Sub

    Protected Sub Button_getCode_Click(sender As Object, e As EventArgs) Handles Button_getCode.Click
        GetCodes()
    End Sub
End Class
